What Is RSA Encryption
RSA (Rivest-Shamir-Adleman) is the first widely adopted public key cryptosystem, published in 1977. It enables secure communication, digital signatures, and key exchange without requiring parties to share a secret key in advance. RSA's security is based on the computational difficulty of factoring the product of two large prime numbers — a problem that remains intractable for classical computers at sufficient key sizes.
RSA is used in TLS/SSL certificates, PGP email encryption, code signing, secure boot, and countless other security protocols. While newer elliptic curve algorithms offer equivalent security with smaller keys, RSA remains foundational to understanding public key cryptography and is still the most widely deployed asymmetric algorithm.
How RSA Works
RSA key generation, encryption, and decryption follow these mathematical steps:
Key Generation
- Choose two large random primes p and q (each 1024+ bits for RSA-2048)
- Compute n = p × q (the modulus, used in both public and private keys)
- Compute phi(n) = (p-1)(q-1) (Euler's totient)
- Choose public exponent e (commonly 65537) such that gcd(e, phi(n)) = 1
- Compute private exponent d such that e × d ≡ 1 (mod phi(n)), i.e. d is the modular inverse of e
- Public key: (n, e) — Private key: (n, d)
Operations
| Operation | Formula | Used For |
|---|---|---|
| Encrypt | c = m^e mod n | Confidentiality — encrypting data with the recipient's public key |
| Decrypt | m = c^d mod n | Decrypting data with your private key |
| Sign | s = hash(m)^d mod n | Digital signatures — proving authorship with your private key |
| Verify | hash(m) = s^e mod n | Verifying a signature with the signer's public key |
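Worked example, added here and not part of this tool's own code: the key-generation steps and the four table operations above as textbook RSA in plain Python (3.8+, standard library only), with a Miller-Rabin test to generate the primes. It implements the unpadded formulas exactly as the table states them, no OAEP or PSS, and refuses a message that is not smaller than the modulus.

```python
import hashlib
import math
import secrets
def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin with random bases; a composite passes with probability <= 4**-rounds."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0                      # write n-1 = d * 2**r with d odd
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                 # witness found: n is composite
    return True

def generate_prime(bits: int) -> int:    # random odd prime with the top bit set
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate

def generate_keypair(bits: int = 512, e: int = 65537):  # the page's key-generation steps
    while True:
        p, q = generate_prime(bits), generate_prime(bits)
        phi = (p - 1) * (q - 1)          # Euler's totient phi(n)
        if p != q and math.gcd(e, phi) == 1:
            break
    d = pow(e, -1, phi)                  # modular inverse: e*d = 1 mod phi(n)
    return (p * q, e), (p * q, d)        # public key (n, e), private key (n, d)

def encrypt(pub, m: int) -> int:
    n, e = pub
    if not 0 <= m < n:                   # RSA cannot encrypt past the modulus
        raise ValueError("message too large: use hybrid (AES + RSA) encryption")
    return pow(m, e, n)                  # c = m^e mod n
def decrypt(priv, c: int) -> int:
    return pow(c, priv[1], priv[0])      # m = c^d mod n
def hash_int(message: bytes) -> int:     # SHA-256 digest as an integer, below n for any n > 256 bits
    return int.from_bytes(hashlib.sha256(message).digest(), "big")
def sign(priv, message: bytes) -> int:
    return pow(hash_int(message), priv[1], priv[0])  # s = hash(m)^d mod n
def verify(pub, message: bytes, s: int) -> bool:
    return pow(s, pub[1], pub[0]) == hash_int(message)  # hash(m) == s^e mod n
```

Calling generate_keypair(16) gives a key small enough to follow by hand, but signing then fails because the SHA-256 digest no longer fits below n.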
Key Size and Security
| RSA Key Size | Equivalent Symmetric Strength | Status |
|---|---|---|
| 1024-bit | ~80-bit | Deprecated — factorable with sufficient resources |
| 2048-bit | ~112-bit | Minimum acceptable — adequate through ~2030 |
| 3072-bit | ~128-bit | Recommended for new deployments |
| 4096-bit | ~152-bit | Long-term security, but slower operations |
Common Use Cases
- Learning cryptography: Experiment with small RSA key sizes to understand modular arithmetic, key generation, and the relationship between public and private keys
- Understanding TLS certificates: See how RSA key pairs underpin the certificate chain that secures HTTPS connections
- Digital signature exploration: Sign and verify messages to understand how code signing, document signing, and certificate validation work
- Security assessment: Evaluate whether systems use adequate RSA key sizes and proper padding schemes (OAEP vs PKCS#1 v1.5)
- Post-quantum planning: Understand why RSA will be broken by Shor's algorithm on quantum computers and why migration to post-quantum algorithms is necessary
Best Practices
- Minimum 2048-bit keys — NIST, ENISA, and major browsers require at least RSA-2048. Use RSA-3072 or RSA-4096 for certificates and keys that must remain secure beyond 2030.
- Use OAEP padding for encryption — RSA-OAEP (Optimal Asymmetric Encryption Padding) is the recommended padding scheme. Never use textbook RSA (no padding) or PKCS#1 v1.5 for new implementations.
- Use PSS padding for signatures — RSA-PSS (Probabilistic Signature Scheme) provides a security proof and is preferred over PKCS#1 v1.5 signatures.
- Never encrypt large data directly with RSA — a single RSA operation can only encrypt a message smaller than the modulus (the key size). Use hybrid encryption: encrypt the data with AES, then encrypt the AES key with RSA.
- Prepare for post-quantum migration — Shor's algorithm will break RSA when large-scale quantum computers exist. NIST has standardized ML-KEM (Kyber) as a quantum-safe replacement. Begin evaluating hybrid RSA + post-quantum approaches.
ℹ️ Disclaimer
This tool is provided for informational and educational purposes only. All processing happens entirely in your browser - no data is sent to or stored on our servers. While we strive for accuracy, we make no warranties about the completeness or reliability of results. Use at your own discretion.